Blog Post

How Conjur’s identity management tool helps developers and operations stay together in a happy marriage

When thinking about how cloud computing has changed the nature of applications, it’s hard not to consider just how much better modern-day apps are with regards to how fast they can operate, retrieve data and perform other useful tasks thanks to what the cloud can provide. But this high performance comes at a price; a very messy infrastructure that can be difficult for developers and operations to manage.

Cloud-based applications are typically comprised of many moving parts that could be stored across multiple servers and databases, and it can be a real chore for users to keep track of where important items are located and which users should have access to the appropriate server, codebase and whatever else that may make up a particular application. Conjur, a Waltham, Massachusetts-based startup created by a husband-and-wife duo, is attempting to put some order within the infrastructure through its identity management technology.

Conjur’s co-founders, CTO Kevin Gilpin and CEO Elizabeth Lawler, believe the best way to solve this problem is with what is essentially a modern-day update of Microsoft’s Active Directory that’s tailored for cloud computing. Active Directory allowed users to keep track of user data, resources and security features through a single interface, and Conjur provides a similar tool that can manage all of those same items as they exist across multiple cloud servers.

How the tangled world of cloud infrastructure poses problems

The idea behind Conjur came from dinner-table conversations the two had regarding their various jobs and how they both perceived the problems developers and operations face when trying to work together on complex systems, explained Lawler. Gilpin had experience with cloud architecture through his time working as a CTO of the big data healthcare startup Praxeon and Lawler had several years of experience overseeing government healthcare IT projects during her over a decade-long stint working with the VA Boston Healthcare System.

“I have a huge amount of empathy for ops guys,” said Lawler. “I worked with them and watched how they struggled; they have difficult, stressful lives.”

Conjur’s Co-founders Kevin Gilpin and Elizabeth Lawler

Gilpin and Lawler then started doing consulting work with companies to learn about the bottlenecks they experience in the development and operations process. From their consulting, the two witnessed the difficulties companies face when trying to manage the tangled web of cloud infrastructure.

A whole host of problems can occur if there is no one keeping track of who has the right access to that many pieces of an organization’s infrastructure, explained Gilpin. For instance, a developer still hacking away on his or her code could accidentally push out that code to a production server, which could cause a bunch of bugs; this problem could be solved if that developer wasn’t allowed to touch that particular production server but was instead only given permission to work on testing or development servers.

Big SaaS providers are also worried about disgruntled employees and the chaos they can cause if they inject malicious code into a production server if that person has the permission to make a commit, said Gilpin. With proper access control, it’s easier for companies to decide who is the appropriate person to make deployments.

Creating order out of cloud chaos

After gaining industry knowledge and earning some cash through consulting, Gilpin built a prototype of the Conjur tool along with some help from offshore developers. By 2013, the technology was ready to be unleashed and the startup exited stealth mode to concentrate on promoting it; the two no longer do consulting work.

With Conjur, a user just has to install its software, set up an account and from there build a directory through an interface that allows them to choose which operations people or developers should control their respective data and servers. If there are certain scripts that an organization wants to use to perform automated tasks like spinning up new servers, a user can also use Conjur to make sure the script is only allowed to do that task.

Conjur interface – taken from Conjur’s website

What makes the tool stand out from other cloud management services like RightScale is that a lot of these tools bundle all the different cloud services an organization may use into one single interface, which could pose a problem if you want to work outside of the perimeters that the management service allows.

“If the cloud management platform doesn’t run on the cloud you want and you like [company]Digital Ocean[/company], you are missing out,” said Gilpin. “You have to accept all this baggage that you don’t want.”

So far, the seven-person company (with ten part-time workers) has landed customers in the healthcare, biotechnology and SaaS industries. Its most public customer is [company]Netflix[/company], who detailed over the summer how Conjur helped the streaming video giant manage and secure user permissions across its massive Amazon Web Services infrastructure.

The startup counts Avalon Ventures, Amplify Partners and and big data expert and angel investor Andy Palmer (who recently co-founded the data automation cleanup startup Tamr) as investors. Conjur has not publicly disclosed how much funding it has received so far.

With more and more companies setting up shop in the cloud, it’s likely that a lot of these businesses will be dealing with confusing mazes of cloud infrastructure. Of course, this problem poses an opportunity for devops-focussed startups like Conjur who may just have the right map to help out folks lost in the weeds.